The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security vulnerability httpoxy

Discussion in 'EasyApache' started by constella, Jul 18, 2016.

  1. constella

    constella Registered

    Joined:
    Nov 29, 2012
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Website Owner
    Hi,

    Do you know if the last WHM server is vulnerable with the httpoxy set of vulnerability?
    • CVE-2016-5385: PHP
    • CVE-2016-5386: Go
    • CVE-2016-5387: Apache HTTP Server
    • CVE-2016-5388: Apache Tomcat
    • CVE-2016-1000109: HHVM
    • CVE-2016-1000110: Python
     
    #1 constella, Jul 18, 2016
    Last edited by a moderator: Jul 18, 2016
  2. grayloon

    grayloon Well-Known Member

    Joined:
    Oct 31, 2007
    Messages:
    102
    Likes Received:
    2
    Trophy Points:
    68
    Location:
    Evansville, IN
    cPanel Access Level:
    Root Administrator
    Twitter:
    We have a nice, new vulnerability website to check out.

    Should we use Apache's recommended solution on our WHM servers?

    Code:
    The two lines below enabled in the httpd.conf file will remove the "Proxy:"
header from all incoming requests, before further processing;
    LoadModule headers_module {path-to}/mod_headers.so
    RequestHeader unset Proxy early
     
    #2 grayloon, Jul 19, 2016
  3. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    36,343
    Likes Received:
    1,209
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    #3 cPanelMichael, Jul 19, 2016
    eva2000 likes this.
(You must log in or sign up to post here.)
Loading...
Similar Threads - Security vulnerability httpoxy
  1. vacancy

    Cloudflare Security Vulnerability

    vacancy, Feb 24, 2017, in forum: Security
    Replies:
    1
    Views:
    215
    cPanelMichael
    Feb 27, 2017
  2. Droidism20011

    MySQL -> MariaDB security questions

    Droidism20011, Jul 20, 2017 at 2:21 PM, in forum: Security
    Replies:
    3
    Views:
    72
    Droidism20011
    Jul 24, 2017 at 3:16 AM
  3. zoner

    SecRemoteRules - ModSecurity Vendor

    zoner, Jul 19, 2017 at 12:34 PM, in forum: Security
    Replies:
    3
    Views:
    71
    zoner
    Jul 24, 2017 at 5:15 AM
  4. Trane Francks

    EasyApache 3 security release for PHP 5.6.31?

    Trane Francks, Jul 11, 2017, in forum: EasyApache
    Replies:
    9
    Views:
    160
    cPanelMichael
    Jul 13, 2017
  5. Kent Brockman

    Security Concerns

    Kent Brockman, Jul 5, 2017, in forum: Security
    Replies:
    4
    Views:
    100
    SoftDux
    Jul 10, 2017

Share This Page